Today I read about IDN homograph attacks. Basically it’s where Unicode characters that look like ASCII characters are put into a link so the link seems to go to a genuine/trusted site. In related news I found a list of confusable characters via stackoverflow. Also found a list of confusable symbols.
Found a helpful article today, The Most Common OpenSSL Commands.
The particular command I needed wasn’t listed there though. What I needed to do was examine the contents of my Certificate Revocation List (CRL) certificate. I had a problem connecting to my website because it was complaining about an expired certificate and the culprit was indeed the CRL as I discovered when I ran:
$ openssl crl -inform CER -in ca.crl -text -noout
Sometimes I have a problem where I connect to my server without using a certificate, and then later need to connect using a certificate. But if I’ve already selected not to use a certificate then Firefox doesn’t prompt again so I have been having to restart my browser when that happens, which was a real pain, until now!
To clear your SSL session state in Firefox choose History -> Clear Recent History… and then select “Active Logins” and click “Clear Now”. Then the next time you connect to your SSL server Firefox will prompt for which certificate to use.
Last night I read the Apache URL Rewriting Guide and learned about the ErrorDocument Directive.
Been meaning to get around to reading the OpenID Authentication 2.0 specification.
Been learning how to work with MediaWiki’s sidebar.
Been reading up on software versioning.
I’m sick and tired of seeing Google’s bullshit “this stuff matters” advertising as part of their latest privacy policy update (which I’ve been doing my best to ignore).
As I was complaining about it I thought I’d try and find some examples of their hypocrisy. I’m fairly sure I’ve seen articles before where people said their job for a Google interview was to process gigabytes of web logs. If you’re data-mining web logs to *spy* on people on the one hand and then telling people you’re protecting their privacy on the other hand then you’re a lying sack of shit really, aren’t you?
Anyway, I didn’t find what I was looking for in a big hurry and I don’t really have time for this, so I’m giving up on my little fact finding mission and just going back to ignoring the whole thing.
However, during my web search I found this article, My Job Interview at Google, which seems like a fairly content rich article. I’m particularly interested in the resources that the guy linked to in his post. So figured I’d swing by my blog and make a note so that when I have some free time (hey, could happen) I can go over that post and read the reference material.
I learned about the Mailman check_perms program today. Basically it reports on permission issues with the mailman database, which is good because I was having trouble with the permissions on the mailman database. Basically email for a new list wasn’t being added to the web archive because the right permissions weren’t in place to allow the mailman process to write there. Anyway, with the help of /usr/lib/mailman/bin/check_perms and the judicious use of “chgrp -h list” and “chown -R -h www-data:list” I think I managed to fix everything up.
Update: I had a problem after applying the above changes whereby I couldn’t access the web archive for Mailman lists anymore. But… I figured out how to fix it. Basically I added the www-data to the list group with the following command (and then rebooted):
sudo adduser www-data list
Read the spec for Mailman 3.0. Looks like it will be pretty good. The feature that I’m interested in, and I’m annoyed I can’t do this with my current version of Mailman, is to be able to put a link to the web archived message in the bottom of the outgoing SMTP message. I.e. so there’s a link back to that message on the web in the message itself. Would be really handy for referencing. At the moment if I want a link I have to go to the web archive for the particular list and find it.
While I was reading the Mailman 3.0 spec I noticed a link to Postfix Virtual Domain Hosting Howto. I think I might have read (at least some of) that before. But… reading that is now definitely on my TODO list.